Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network element must have the Finger service disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3079 | NET0730 | SV-3079r2_rule | ECSC-1 | Low |
| Description |
|---|
| The finger service supports the UNIX finger protocol, which is used for querying a host about the users that are logged on. This service is not necessary for generic users. If an attacker were to find out who is using the network, they may use social engineering practices to try to elicit classified DoD information. |
| STIG | Date |
|---|---|
| Infrastructure Router Security Technical Implementation Guide | 2013-10-08 |
Details
| Check Text ( C-3571r3_chk ) |
|---|
| Ensure finger has not been implemented in the configuration by verifying the vendor default and reviewing the configuration. |
| Fix Text (F-3104r3_fix) |
|---|
| Disable the finger service. |